US12177337B2ActiveUtilityA1

Method for cogenerating a shared cryptographic material, devices, system and corresponding computer program

44
Assignee: BANKS AND ACQUIRERS INT HOLDINGPriority: Dec 5, 2019Filed: Nov 25, 2020Granted: Dec 24, 2024
Est. expiryDec 5, 2039(~13.4 yrs left)· nominal 20-yr term from priority
Inventors:Remi Geraud
H04L 9/0869H04L 9/0643H04L 9/0877H04L 9/085
44
PatentIndex Score
0
Cited by
8
References
9
Claims

Abstract

In a method for cogenerating a shared cryptographic material implemented within a first electronic device, which is connected to a second electronic cogeneration device and to a third electronic cogeneration device, a shared encryption material (pkx) is determined, as a function of a set of cogeneration parameters ECG. The shared encryption material (pkx) is transmitted, and corresponding shared encryption materials (pky, pkz) are received from the other devices. A shared seed (mx) is computed as a function of the shared encryption materials (pkx, pky, pkz) and the set of cogeneration parameters ECG. A masked form (Ox) of said shared seed (mx) is transmitted, and masked forms (Oy, Oz) of corresponding shared seeds (my, mz) are received. A final seed (ad) is computed as a function of the masked forms (Ox, Oy, Oz) of the shared seeds (mx, my, mz) and the set of cogeneration parameters ECG.

Claims

exact text as granted — not AI-modified
The invention claimed is: 
     
       1. A method for cogenerating a shared cryptographic material implemented within a first electronic device, said first electronic device being connected to a second electronic cogeneration device and to a third electronic cogeneration device, the method comprising:
 determining a shared encryption material (pkx), as a function of a set of cogeneration parameters; 
 transmitting said shared encryption material (pkx); 
 receiving shared encryption materials (pky, pkz), which correspond to the shared encryption material (pkx), from the other devices; 
 computing a shared seed (mx) as a function of said shared encryption materials (pkx, pky, pkz) and said set of cogeneration parameters; 
 transmitting a masked form (Ox) of said shared seed (mx); 
 receiving masked forms (Oy, Oz) of corresponding shared seeds (my, mz) originating from the other devices; 
 computing a final seed (ad), as a function of the masked forms (Ox, Oy, Oz) of said shared seeds (mx, my, mz) and said set of cogeneration parameters; and 
 using the final seed (ad) to encrypt contents of exchanges between the first electronic device and the second electronic cogeneration device and/or between the first electronic device and the third electronic cogeneration device. 
 
     
     
       2. The method according to  claim 1 , wherein determining the shared encryption material (pkx), as a function of said set of cogeneration parameters, comprises:
 selecting, within a cyclic group G, a number sx, smaller than p; and 
 computing the shared encryption material (pkx) by performing an operation for the number sx with the generator g of the group G. 
 
     
     
       3. The method according to  claim 2 , wherein the cyclic group G is selected from the group consisting of:
 Curve25519; 
 sec256p; 
 head 25619; and 
 Curve448. 
 
     
     
       4. The method according to  claim 1 , wherein computing the shared seed (mx), as a function of said shared encryption materials (pkx, pky, pkz) and said set of cogeneration parameters comprises:
 obtaining a random number rx; and 
 computing the shared seed rx from the random number rx and the shared encryption materials pkx, pky, pkz and a hash function H. 
 
     
     
       5. The method according to  claim 4 , wherein said hash function is selected from the group consisting of:
 SHA-1; 
 MD5; and 
 SHA-3, in SHAKE128 mode. 
 
     
     
       6. The method according to  claim 1 , wherein computing the final seed (ad), as a function of the masked forms (Ox, Oy, Oz) of said shared seeds (mx, my, mz) and said set of cogeneration parameters comprises:
 adding the masked forms (Ox, Oy, Oz); and 
 hashing, using a hash function H, the result of the previous addition, outputting the final seed (ad). 
 
     
     
       7. The method according to  claim 6 , wherein said hash function is selected from the group consisting of:
 SHA-1; 
 MD5; and 
 SHA-3, in SHAKE128 mode. 
 
     
     
       8. The method according to  claim 1 , further comprising verifying the validity of the final seed (ad) comprising generating a random number and computing a hash value of a sum of said random number and the final seed. 
     
     
       9. A non-transitory computer-readable medium comprising a computer program product stored thereon comprising program code instructions for executing a method for cogenerating a shared cryptographic material when the instructions are executed by a processor, the method comprising:
 determining a shared encryption material (pkx), as a function of a set of cogeneration parameters; 
 transmitting said shared encryption material (pkx); 
 receiving shared encryption materials (pky, pkz), which correspond to the shared encryption material (pkx), from the other devices; 
 computing a shared seed (mx) as a function of said shared encryption materials (pkx, pky, pkz) and said set of cogeneration parameters; 
 transmitting a masked form (Ox) of said shared seed (mx); 
 receiving masked forms (Oy, Oz) of corresponding shared seeds (my, mz) originating from the other devices; 
 computing a final seed (ad), as a function of the masked forms (Ox, Oy, Oz) of said shared seeds (mx, my, mz) and said set of cogeneration parameters; and 
 using the final seed (ad) to encrypt contents of exchanges between the first electronic device and the second electronic cogeneration device and/or between the first electronic device and the third electronic cogeneration device.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.